package com.my.home.modules.controller;

import com.my.home.common.Base.BaseController;
import com.my.home.common.Base.RespJson;
import com.my.home.common.shiro.captcha.DreamCaptcha;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Map;

/**
 * Created by Al Sah-him on 2018/5/25.
 */
@Controller
@RequestMapping(value = "/login")
public class LoginContoller extends BaseController {

    @Autowired
    DreamCaptcha dreamCaptcha;

    /**
     * 登录
     * @param
     * @return
     */
    @RequestMapping(value = "",method = RequestMethod.GET)
    public String index(Model model){
        return FRONT_PATH+"/login";
    }


    /**
     * POST 登录 shiro 写法
     *
     * @param username 用户名
     * @param password 密码
     * @return {Object}
     */
    @RequestMapping(value = "/to",method = RequestMethod.POST)
    @ResponseBody
    public Map<String,Object> loginPost(HttpServletRequest request, HttpServletResponse response,
                         String username, String password, String captcha,
                         @RequestParam(value = "rememberMe", defaultValue = "0") Integer rememberMe) {
        logger.info("POST请求登录");
        // 改为全部抛出异常，避免ajax csrf token被刷新
        if (StringUtils.isBlank(username)) {
            throw new RuntimeException("用户名不能为空");
        }
        if (StringUtils.isBlank(password)) {
            throw new RuntimeException("密码不能为空");
        }
        if (StringUtils.isBlank(captcha)) {
            throw new RuntimeException("验证码不能为空");
        }
        if (!dreamCaptcha.validate(request, response, captcha)) {
            throw new RuntimeException("验证码错误");
        }
        Subject user = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        // 设置记住密码
        token.setRememberMe(1 == rememberMe);
        try {
            user.login(token);
            return RespJson.success();
        } catch (UnknownAccountException e) {
            throw new RuntimeException("账号不存在！", e);
        } catch (DisabledAccountException e) {
            throw new RuntimeException("账号未启用！", e);
        } catch (IncorrectCredentialsException e) {
            throw new RuntimeException("密码错误！", e);
        } catch (ExcessiveAttemptsException e) {
            throw new ExcessiveAttemptsException("密码出错5次,账号将锁定半小时！", e);
        } catch (Throwable e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    @RequestMapping("captcha.jpg")
    public void captcha(HttpServletRequest request,HttpServletResponse response){
        dreamCaptcha.generate(request,response);
    }
}
